On February 27, 2019, the email account of an employee was accessed by an unauthorized individual. The employee’s password was changed (by the employee) on February 28, 2019 and the account was not re-accessed by any unauthorized individual thereafter. The Organization has no knowledge of any of the employee’s emails having been accessed and it is not clear whether the unauthorized individual did anything in the account. On March 19, 2019, the email account of another employee was accessed by an unauthorized individual. It appears that the unauthorized individual had access to the account for fewer than 10 minutes before the issue was detected and an alert sent to the IT department, who disabled the account. The Organization has no knowledge of any of the emails having been accessed and it is not clear whether the unauthorized individual did anything in the account. The first incident was discovered on March 29, 2019 by the Organization?s IT department while investigating the second incident.
P2019-ND-191
File Type:
pdf
File Size:
599 KB
Categories:
2019